Origin Validation Error

CVE-2023-0132

Medium

6.5/10

Summary

Inappropriate implementation in Permission prompts in Google Chrome on Windows prior to 109.0.5414.74 allowed a remote attacker to force acceptance of a permission prompt via a crafted HTML page.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: NONE

CWE-346 - Origin Validation Error

The software does not properly verify that the source of data or communication is valid.

References

Release Note
Issue
Advisory

Advisory Timeline

Published Jan 10, 2023

Origin Validation Error

CVE-2023-0132

Summary

CWE-346 - Origin Validation Error

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS